Post

HackTheBox Graverobber Writeup

Posted
By x3ric
2 min read

Explore the basics of cybersecurity in the Graverobber Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

import os
import subprocess
# Memory data from x/64bc 0x4040 command in gdb
memory_data = [
    0x48, 0x00, 0x00, 0x00,  # 'H'
    0x54, 0x00, 0x00, 0x00,  # 'T'
    0x42, 0x00, 0x00, 0x00,  # 'B'
    0x7b, 0x00, 0x00, 0x00,  # '{'
    0x62, 0x00, 0x00, 0x00,  # 'b'
    0x72, 0x00, 0x00, 0x00,  # 'r'
    0x33, 0x00, 0x00, 0x00,  # '3'
    0x34, 0x00, 0x00, 0x00,  # '4'
    0x6b, 0x00, 0x00, 0x00,  # 'k'
    0x31, 0x00, 0x00, 0x00,  # '1'
    0x6e, 0x00, 0x00, 0x00,  # 'n'
    0x39, 0x00, 0x00, 0x00,  # '9'
    0x5f, 0x00, 0x00, 0x00,  # '_'
    0x64, 0x00, 0x00, 0x00,  # 'd'
    0x30, 0x00, 0x00, 0x00,  # '0'
    0x77, 0x00, 0x00, 0x00,  # 'w'
    0x6e, 0x00, 0x00, 0x00,  # 'n'
    0x5f, 0x00, 0x00, 0x00,  # '_'
    0x74, 0x00, 0x00, 0x00,  # 't'
    0x68, 0x00, 0x00, 0x00,  # 'h'
    0x33, 0x00, 0x00, 0x00,  # '3'
    0x5f, 0x00, 0x00, 0x00,  # '_'
    0x73, 0x00, 0x00, 0x00,  # 's'
    0x79, 0x00, 0x00, 0x00,  # 'y'
    0x73, 0x00, 0x00, 0x00,  # 's'
    0x63, 0x00, 0x00, 0x00,  # 'c'
    0x34, 0x00, 0x00, 0x00,  # '4'
    0x6c, 0x00, 0x00, 0x00,  # 'l'
    0x6c, 0x00, 0x00, 0x00,  # 'l'
    0x35, 0x00, 0x00, 0x00,  # '5'
    0x7d, 0x00, 0x00, 0x00   # '}'
]
def extract_path_from_memory(memory_data):
    path_parts = []
    current_part = []
    for byte in memory_data:
        if byte == 0x00:
            if current_part:
                path_parts.append(''.join(current_part))
                current_part = []
        else:
            current_part.append(chr(byte))
    if current_part:
        path_parts.append(''.join(current_part))
    return path_parts

def try_full_path(binary_path, path_parts):
    try:
        test_dir = "treasure_hunt"
        full_test_dir = os.path.join(binary_path, test_dir)
        os.makedirs(full_test_dir, exist_ok=True)
        current_path = full_test_dir
        for part in path_parts:
            current_path = os.path.join(current_path, part)
            os.makedirs(current_path, exist_ok=True)
        result = subprocess.run(
            [os.path.join(binary_path, 'robber')],
            capture_output=True,
            text=True,
            cwd=full_test_dir
        )
        print(f"Trying full path constructed from memory: {'/'.join(path_parts)}")
        print(f"Output: {result.stdout.strip()}")
        return "treasure" in result.stdout.lower(), result.stdout.strip()
    except Exception as e:
        print(f"Error: {e}")
        return False, str(e)

if __name__ == "__main__":
    binary_path = os.getcwd()
    path_parts = extract_path_from_memory(memory_data)
    success, output = try_full_path(binary_path, path_parts)
    if success:
        print(f"Treasure found with path: {'/'.join(path_parts)}")
    else:
        print("No treasure found.")

Summary

The Graverobber Challenge on Hack The Box is a very-easy-level challenge that introduces encryption reversal and file handling for beginners. It involves analyzing memory data to reconstruct a file path and then using a Python script to attempt navigating that path to find a hidden “treasure.” The script processes the memory data, constructs a path, and attempts to run a binary (robber) in the generated directory structure to reveal the treasure, providing a basic introduction to reversing and path manipulation in CTF challenges.

challenge
htb challenge writeup linux rev
This post is licensed under CC BY 4.0 by the author.